Better Than Just Passwords.Regularly changing and creating strong passwords was considered the best way to keep your personal and financial information safe. Using a password manager is recommended to keep track of them all. However, in the era of widespread corporate hacks, where one database breach can reveal tens of thousands of user passwords, we need more. Because users tend to reuse passwords, a hacker can use leaked data from one attack and use it to login to your other accounts. Thus, multi-factor authentication is required for most all accounts, especially sensitive accounts. Two-factor authentication (2FA) is when multiple pieces of information are required to verify your identity. So, to log into an account you may need to enter a code that is sent to your phone, as well as your user and password.

Updates, Security Software, and Backups. Keep all your software updated so you have the latest security patches. Turn on automatic updates so you don’t have to think about it. Make sure that your security software is set to run regular scans. Use the built-in, security software (like Windows Defender) before a problem happens, that way you’re not tempted to download some questionable “security software” at the time of an event — there are plenty of scams around that. Finally, keep good backups. Ransomware is still a pressing threat: infected users are asked to pay, or they’ll lose data. With good backups and up-to-date code, this is unlikely to be a real problem.

Street Smarts. Always be cautious about what you do online, which sites you visit, and what you share. Many of today’s online threats are based on phishing or social engineering. There are a lot of opportunities to accidentally share our business or personal information online. Be cautious about what you share, particularly when it comes to banking or personal identity information. Corporate users have been tricked into wiring money to fraudulent accounts. For home users, open facebook accounts allow attackers spy on people, or to guess at passwords. Oh, and freeze your credit, and consider credit monitoring. With as many breaches as there’s been, it’s safe to assume your identity information has been exposed at some point.

Reduce Your Attack Surface. Simple things, like locking your screen, or not leaving your devices unattended make a sure difference. Also, when at home or work, you hopefully use a password-protected router that encrypts your data. But, when you’re on the road, you might be tempted to use free, public Wi-Fi. The problem with public Wi-Fi is that it is often unsecured. This means it’s relatively easy for a hacker to access your device or information. That’s why you should consider investing in a Virtual Private Network (VPN). A VPN is a piece of software that creates a secure connection over the internet, so you can safely connect from anywhere. Finally, it is advisable to disable Wi-Fi and Bluetooth on mobile devices while traveling (especially abroad) because of increased risks. But technology manufactures have not almost made that easy. Apple has recently buried those options, so that the quick turnoff features do not actually turn off Wi-Fi and Bluetooth in iOS, you have to look deeper in settings.